Tag Archives: fingerprint

Is It Time to Buy a Biometric Scanner?

Identity theft is still out there, keeping pace with the latest innovations and security measures and snaring new victims every day. With the advent of cheaper, standalone, easy-to-integrate biometric technology for authentication, is it time to buy a fingerprint scanner?

What’s a biometric scanner?

Biometric technology uses physical or biological information, like a fingerprint, retinal scan or heartbeat, to authenticate a person’s identity. You can currently purchase the most commonplace biometric scanner—that is, one that uses a fingerprint—starting at around $50. The scanner can be used to protect computers and other devices that support biometric scanning technology.

Do biometrics provide additional security?

The short answer: Yes.

Authentication can effectively use three things to keep the wrong people out: something you know, something you have and something you are. We’re all familiar with the first line of defense. “What you know” takes the form of security questions, passwords and a security picture, and there are various strategies to keep it all straight.

Some choose to use password managers or proprietary systems like Apple’s iCloud Keychain. Others prefer to have an encrypted personal security list (logins, passwords) stored on a cloud server. Still others put “what they know” (but couldn’t possibly remember) on a USB stored on a keychain or in a safe if the information is not encrypted. And, yes, some go a little further, choosing to use a fingerprint-encrypted drive (i.e., biometrics). How you manage what you know comes down to personal preference, but the first line of defense is not fail-safe. In fact, there are hacks and breaches all the time. (If you believe you were the victim of a hack, you can view two of your free credit scores on Credit.com for signs of identity theft.)

See also: Are Passwords Finally Becoming Passé?  

The second line of defense, “something you have,” could be access to an email account, a key fob or your mobile phone. You need to have your phone in hand, for instance, to receive the verification code so you can get waved through some digital security checks. This is called two-factor authentication—and, yes, it’s more secure than simply protecting accounts with an alphanumerical password.

The last line of defense, “something you are,” is a really hot topic right now. As I mentioned earlier, in sophisticated systems, this might include a scan of your retina, your finger- or handprints, your body weight (including ups and downs), your height, your face or all of the above. This information is clearly specific to you—and not so easily replicated—so, again, it’s miles more secure that the old standard password or even two-factor authentication.

Needless to say, were you to implement a security protocol that combined all three of the above protocols of authentication, a) criminals would have a really hard time making any money, but b) we would all be frustrated.

Does it have a place in the home?

Biometric authenticators have been the security mode for quite some time in the military and wherever large amounts of money or gold or drugs or weapons are stored, as seen in countless spy and heist movies, but they are slowly making their way into people’s homes.

From smartphones to gun lockers to personal computers, a steady march of devices is offering a biometric element for the user-authentication process. One example comes by way of a new secure credit card being tested by MasterCard in a chain of supermarkets in South Africa. The card is able to store an encrypted copy of the user’s fingerprint, which would make it exceedingly difficult for a scammer to beat.

(Would it be impossible to beat? As with all great capers, only the crooks know for sure. There was a flurry of coverage not too long ago about how photos of people flashing a peace sign could lead to the theft of their fingerprints, thanks to the proliferation of high-definition cameras. But fact-checking website Snopes listed the story as “Unproven,” and for good reason. While it is theoretically possible, no criminals have been caught doing it.)

Should I buy a fingerprint scanner?

Here’s the rub: You won’t really need to.

Unless you were born a long time ago, you may not know what an 8-track is. It came before the cassette tape, which preceded the CD, which is the grandfather of the MP3. When you want to make a point about obsolescence, there are few better examples than those clunky old tapes. I bring them up because current standalone biometric scanners are without a doubt the 8-track of digital security devices.

See also: Biometrics and Fraud Prevention: Seeing Eye to Eye  

If you accept the similarity between biometric scanning devices and MP3 players, the answer to the question above will be crystal clear. These days, MP3s can be played by all the devices we use most. We’re seeing the same thing happen with biometric scanning.

Whether it’s a smartphone, a computer or MasterCard’s new fingerprint-encrypted cards, all stripes of products you use on a daily basis eventually will feature built-in biometric scanners. And, if you are buying something today and prefer devices with built-in (rather than bolt-on) security, don’t despair. There already are plenty of choices out there. Case in point: Anyone with the latest generation of a particular smartphone likely has the option of locking and unlocking the device with their thumb.

Personally, unless and until all devices that should be secure feature biometric scanners, I would suggest opting for those that do—much in the same way I’d advise you to refrain from using “1234” as your password. You can learn more about biometric technology, how it works (and whether it can be hacked) here.

Full disclosure: CyberScout sponsors ThirdCertainty. This story originated as an Op/Ed contribution to Credit.com and does not necessarily represent the views of the company or its partners.

This post originally appeared on ThirdCertainty.

Biometrics and Fraud Prevention: Seeing Eye to Eye

As more consumers opt for the flexibility of serving themselves, it has become essential for businesses to deploy strong systems to authenticate identity. The challenge is how to reduce fraud without frustrating consumers or compromising the customer experience.

Biometric technology has been seen increasingly as a solution in industries such as financial services, but is there a useful place in insurance? As technology becomes more convenient –and more secure — many are saying yes.

What’s What in Biometrics

By identifying individuals through their unique physiological or behavioral patterns, biometrics offers a higher level of security, ensuring that only authorized persons have access to sensitive data. Physiological biometrics include fingerprint, face, iris and hand geometry recognition. Behavioral biometrics identify signature and voice verification, including keystroke kinetics that identify a person’s typing habits.

As consumer-centric channels such as mobile and online applications continue to expand, so will the risk of fraud. And while many industries, including insurance, continue to deploy new technologies to stave off attacks, the reality is that the tools and methods by which professional fraudsters operate are becoming increasingly sophisticated.

“While insurers have applied some preventive measures against fraud, the industry as a whole needs to catch up,” says Steve Cook, director of business development, Facebanx. “They must be forward-thinking and recognize the benefits of biometric technology and how it can help in preventing fraudulent activities.”

Reducing Claim Fraud and Protecting Data

One area where biometrics has begun to take hold is healthcare insurance. A study by the Ponemon Institute found nearly 1.5 million Americans to be victims of medical identity theft. Healthcare fraud is estimated to cost between $70 billion and $255 billion a year, accounting for as much as 10% of total U.S. healthcare costs.

Many insurers are using biometrics to help reduce billing fraud by eliminating the sharing of medical insurance cards between patients, or by making it more difficult for a person to assume another’s identity. For example, as an alternative to paper insurance cards, a biometric iris scan can immediately transport proof of a patient’s physical presence at a healthcare facility.

Biometric technology is also assisting healthcare insurers with compliance and data integrity standards — in particular with those set by the Health Insurance Portability and Accountability Act (HIPAA). For example, in addition to adhering to requirements for automatic logoff and user identification, insurers must implement additional safeguards that include PINs, passwords and some method of biometrics.

Fraud Capabilities in Property and Casualty

According to a report by Aite Group, the war against fraud in property and casualty insurance is also escalating. The group estimates that claim fraud in the U.S. P&C industry alone cost carriers $64 billion in 2012 and will reach $80 billion by 2015. Customer contact centers have been hit particularly hard. While the focus on protecting consumer data has primarily centered on online channels, fraudsters are now targeting the phone channel, as well. Leveraging information obtained through social media networks, thieves are manipulating call center representatives and gathering customer information. 

For this reason, biometrics are being deployed. Representatives can cross-reference incoming calls against a watch list of known fraudsters, identifying unique voice prints. Advanced biometric techniques can also identify fraud patterns based on speech analytics, talk patterns and various “red flag” interactions.

Summary

The insurance industry is just beginning to scratch the surface when it comes to identifying areas of fraud management to which biometric science can be applied. 

“Insurance companies [that] are first to adopt this kind of technology will push the fraudsters over to the competition, because fraudsters don’t want their face or voice on a database that they can’t control,” Cook says.

Making the switch to biometric security measures can mean a substantial investment if done on a large scale. Even so, with the proliferation of online channels, consumer conveniences and ever-shifting tactics of fraudsters, deploying some degree of biometric technology will become a competitive necessity. And, as long as the insurance industry continues to expand consumer services because of e-commerce and m-commerce, no doubt new applications of biometrics will come about.